suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

Vulnerabilities (1,483)

• CVE-2025-38079HigJun 18, 2025
  affected < 5.3.18-150300.59.215.1fixed 5.3.18-150300.59.215.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

• CVE-2025-38011Jun 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and bel

• CVE-2025-38001Jun 6, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

• CVE-2025-38000Jun 6, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

• CVE-2025-37997May 29, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and

• CVE-2025-37953May 20, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

• CVE-2025-37932May 20, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t

• CVE-2025-37890May 16, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

• CVE-2025-37846May 9, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET* and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception i

• CVE-2025-37823May 8, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.

• CVE-2020-36791May 7, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: keep alloc_hash updated after hash allocation In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp

• CVE-2023-53117May 2, 2025
  affected < 5.3.18-150300.59.218.1fixed 5.3.18-150300.59.218.1

  In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369

• CVE-2023-53106May 2, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug influences both st_nci_i2c_remove and st_nci_spi_remove. Take st_nci_i2c_remove as an example. In st_nci_i2c_probe, it called n

• CVE-2023-53052May 2, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refresh_cache_worker() The UAF bug occurred because we were putting DFS root sessions in cifs_umount() while DFS cache refresher was being executed. Make DFS root sessions have

• CVE-2023-53039May 2, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp

• CVE-2025-37798May 2, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi

• CVE-2025-37797May 2, 2025
  affected < 5.3.18-150300.59.215.1fixed 5.3.18-150300.59.215.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

• CVE-2022-49927May 1, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100

• CVE-2022-49922May 1, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send() will

• CVE-2022-49915May 1, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device()